<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ page import="com.project.util.ParamUtil"%>
<%@ page import="com.project.control.AdminControl"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
	<head>
		<title>用户登入</title>
	</head>
	<body>
<%
	String rand = (String) session.getAttribute("rand");
	String input = request.getParameter("rand");
	String username = request.getParameter("username");
	String pwd =  request.getParameter("pwd");
	AdminControl uc = new AdminControl();
	if (uc.isAdmin(username, pwd)) {
	   if(rand.equals(input)) {
			session.setAttribute("username",username); 
			session.setAttribute("pwd",pwd);
			response.sendRedirect("../index_admin.jsp");
		} else {
%>
	<script type="text/javascript">
		alert("用户名或密码错误,请重新输入！");
		window.location.href="login.jsp";
	</script>
<% } } else {
 		if (username != "" || pwd != "") {
%>
	<script language="javascript">
		alert("用户名或密码错误,请重新输入！");
		window.location.href="login.jsp";
	</script>
<% } else{
%>
	<script language="javascript">
		window.location.href="login.jsp";
	</script>
<%
} }
%>

	</body>
</html>
